diff --git a/CHANGELOG.md b/CHANGELOG.md index 4e31d56..8ef80d0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,10 @@ +## [1.8.2](https://github.com/devsecopsmaturitymodel/DevSecOps-MaturityModel-data/compare/v1.8.1...v1.8.2) (2023-11-11) + + +### Bug Fixes + +* string concat ([06e40f1](https://github.com/devsecopsmaturitymodel/DevSecOps-MaturityModel-data/commit/06e40f1a5357c4bcb66c1d5976923a1d9b5afc82)) + ## [1.7.2](https://github.com/devsecopsmaturitymodel/DevSecOps-MaturityModel-data/compare/v1.7.1...v1.7.2) (2023-11-11) diff --git a/src/assets/YAML/generated/generated.yaml b/src/assets/YAML/generated/generated.yaml index 5998225..7035d8f 100644 --- a/src/assets/YAML/generated/generated.yaml +++ b/src/assets/YAML/generated/generated.yaml @@ -41,6 +41,8 @@ Build and Deployment: - 14.2.6 iso27001-2022: - 8.31 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Build/a340f46b-6360-4cb8-847b-a0d3483d09d3 isImplemented: false comments: "" tags: @@ -91,6 +93,8 @@ Build and Deployment: iso27001-2022: - 5.37 - 8.32 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Build/f6f7737f-25a9-4317-8de2-09bf59f29b5b isImplemented: false comments: "" tags: @@ -134,6 +138,8 @@ Build and Deployment: - 14.2.6 iso27001-2022: - 8.31 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Build/f3c4971e-9f4d-4e59-8ed0-f0bdb6262477 isImplemented: false comments: "" tags: @@ -171,6 +177,8 @@ Build and Deployment: iso27001-2022: - 5.9 - 5.12 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Build/2858ac12-0179-40d9-9acf-1b839c030473 isImplemented: false comments: "" tags: @@ -224,6 +232,8 @@ Build and Deployment: - 14.2.6 iso27001-2022: - 8.31 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Build/5786959d-0c6f-46a6-8e1c-a32ff1a50222 isImplemented: false comments: "" tags: @@ -266,6 +276,8 @@ Build and Deployment: - 14.2.6 iso27001-2022: - 8.31 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Build/9f107927-61e9-4574-85ad-3f2b4bca8665 isImplemented: false comments: "" tags: @@ -311,6 +323,8 @@ Build and Deployment: - 8.32 - 8.19 - 8.29 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Deployment/0cb2626b-fb0d-4a0f-9688-57f787310d97 isImplemented: false comments: "" tags: @@ -343,6 +357,8 @@ Build and Deployment: - 11.2.7 iso27001-2022: - 7.14 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Deployment/da4ff665-dcb9-4e93-9d20-48cdedc50fc2 isImplemented: false comments: "" tags: @@ -385,6 +401,8 @@ Build and Deployment: iso27001-2022: - 5.37 - 8.32 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Deployment/74938a3f-1269-49b9-9d0f-c43a79a1985a isImplemented: false comments: "" tags: @@ -1472,6 +1490,8 @@ Build and Deployment: - 8.31 d3f: - ApplicationConfigurationHardening + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Deployment/df428c9d-efa0-4226-9f47-a15bb53f822b isImplemented: false comments: "" tags: @@ -1523,6 +1543,8 @@ Build and Deployment: - Not explicitly covered by ISO 27001 - too specific - 8.25 - 8.27 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Deployment/0de465a6-55a7-4343-af79-948bb5ff10ba isImplemented: false comments: "" tags: @@ -1565,6 +1587,8 @@ Build and Deployment: - 8.24 d3f: - ApplicationConfigurationHardening + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Deployment/94a96f79-8bd6-4904-97c0-994ff88f176a isImplemented: false comments: "" tags: @@ -1611,6 +1635,8 @@ Build and Deployment: iso27001-2022: - 5.9 - 5.12 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Deployment/13e9757e-58e2-4277-bc0f-eadc674891e6 isImplemented: false comments: "" tags: @@ -1643,6 +1669,8 @@ Build and Deployment: iso27001-2022: - 5.9 - 5.12 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Deployment/83057028-0b77-4d2e-8135-40969768ae88 isImplemented: false comments: "" tags: @@ -1686,6 +1714,8 @@ Build and Deployment: - 8.19 - 8.32 - 8.14 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Deployment/85d52588-f542-4225-a338-20dc22a5508d isImplemented: false comments: "" tags: @@ -1724,6 +1754,8 @@ Build and Deployment: - 8.33 - 8.29 - 8.31 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Deployment/a854b48d-83bd-4f8d-8621-a0bdd470837f isImplemented: false comments: "" tags: @@ -1773,6 +1805,8 @@ Build and Deployment: - 8.31 d3f: - ApplicationConfigurationHardening + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Deployment/a511799b-045e-4b96-9843-7d63d8c1e2ad isImplemented: false comments: "" tags: @@ -1805,6 +1839,9 @@ Build and Deployment: - 8.8 - 8.19 - 8.27 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Patch + Management/99415139-6b50-441b-89e1-0aa59accd43d isImplemented: false comments: "" tags: @@ -1853,6 +1890,9 @@ Build and Deployment: iso27001-2022: - 8.8 - 8.27 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Patch + Management/8ae0b92c-10e0-4602-ba22-7524d6aed488 isImplemented: false comments: "" tags: @@ -1889,6 +1929,9 @@ Build and Deployment: - 12.6.1 iso27001-2022: - 8.8 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Patch + Management/34869eaf-f2e1-4926-b0bd-28c43402f057 isImplemented: false comments: "" tags: @@ -1936,6 +1979,9 @@ Build and Deployment: - 14.2.1 iso27001-2022: - 8.25 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Patch + Management/16e39c8f-5336-4001-88ed-a552d2447531 isImplemented: false comments: "" tags: @@ -1977,6 +2023,9 @@ Build and Deployment: - 12.6.1 iso27001-2022: - 8.8 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Patch + Management/485a3383-7f2e-4dba-bb84-479377070904 isImplemented: false comments: "" tags: @@ -2028,6 +2077,9 @@ Build and Deployment: - 12.6.1 iso27001-2022: - 8.8 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Patch + Management/6b96e5a0-ce34-4ea4-a88f-469d3b84546e isImplemented: false comments: "" tags: @@ -2130,6 +2182,8 @@ Culture and Organization: - May be part of risk assessment - 5.12 - 8.25 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Design/ae22dafd-bcd6-41ee-ba01-8b7fe6fc1ad9 isImplemented: false comments: "" tags: @@ -2164,6 +2218,8 @@ Culture and Organization: - May be part of risk assessment - 5.12 - 8.25 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Design/48f97f31-931c-46eb-9b3e-e2fec0cd0426 isImplemented: false comments: "" tags: @@ -2287,6 +2343,8 @@ Culture and Organization: - May be part of risk assessment - 5.12 - 8.25 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Design/47419324-e263-415b-815d-e7161b6b905e isImplemented: false comments: "" tags: @@ -2332,6 +2390,8 @@ Culture and Organization: - 5.8 - May be part of risk assessment - 5.9 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Design/0a929c3e-ab9a-4206-8761-adf84b74622e isImplemented: false comments: "" tags: @@ -2377,6 +2437,8 @@ Culture and Organization: - 5.8 - May be part of risk assessment - 5.9 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Design/bacf85b6-5bc0-405d-b5ba-a5d971467cc1 isImplemented: false comments: "" tags: @@ -2429,6 +2491,8 @@ Culture and Organization: - May be part of risk assessment - 5.12 - 8.25 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Design/dd5ed7c1-bdbf-400f-b75f-6d3953a1a04e isImplemented: false comments: "" tags: @@ -2459,6 +2523,8 @@ Culture and Organization: iso27001-2022: - 5.1 - 5.4 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Design/1b9281b9-48e2-4c01-9ac6-9db9931c4885 isImplemented: false comments: "" tags: @@ -2501,6 +2567,9 @@ Culture and Organization: - 7.2.2 iso27001-2022: - 6.3 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Education + and Guidance/12c90cc6-3d58-4d9b-82ff-d469d2a0c298 isImplemented: false comments: "" tags: @@ -2535,6 +2604,9 @@ Culture and Organization: - 7.1.1 iso27001-2022: - 6.1 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Education + and Guidance/f994a55d-71bb-45a4-a887-0a213d72c504 isImplemented: false comments: "" tags: @@ -2569,6 +2641,9 @@ Culture and Organization: - 7.2.2 iso27001-2022: - 6.3 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Education + and Guidance/bfdb576e-a416-4ec6-96fe-a078d58b2ff8 isImplemented: false comments: "" tags: @@ -2606,6 +2681,9 @@ Culture and Organization: - 6.3 - 8.8 - 8.34 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Education + and Guidance/95caef96-36ed-458c-a087-5c35d4f9dec2 isImplemented: false comments: "" tags: @@ -2636,6 +2714,9 @@ Culture and Organization: iso27001-2022: - Mutual security testing is not explicitly required in ISO 27001 may be - 6.3 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Education + and Guidance/35446784-7610-40d9-af9e-d43f3173bf8c isImplemented: false comments: "" tags: @@ -2670,6 +2751,9 @@ Culture and Organization: - 6.3 - 5.24 - 5.26 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Education + and Guidance/534f60bf-0995-4314-bb9c-f0f2bf204694 isImplemented: false comments: "" tags: @@ -2727,6 +2811,9 @@ Culture and Organization: - Security champions are missing in ISO 27001 most likely - 5.4 - 6.3 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Education + and Guidance/6217fe11-5ed7-4cf4-9de4-555bcfa6fe87 isImplemented: false comments: "" tags: @@ -2774,6 +2861,9 @@ Culture and Organization: - 7.2.2 iso27001-2022: - 6.3 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Education + and Guidance/9768f154-357a-4c06-af6f-d66570677c9b isImplemented: false comments: "" tags: @@ -2814,6 +2904,9 @@ Culture and Organization: - 7.2.2 iso27001-2022: - 6.3 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Education + and Guidance/31833d56-35af-4ef3-9300-f23d27646ce7 isImplemented: false comments: "" tags: @@ -2853,6 +2946,9 @@ Culture and Organization: iso27001-2022: - Security champions are missing in ISO 27001 - 6.3 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Education + and Guidance/f88d1b17-3d7d-4c3d-8139-ad44fc4942d4 isImplemented: false comments: "" tags: @@ -2898,6 +2994,9 @@ Culture and Organization: but nothing to promote good behavior. iso27001-2022: - ISO 27001:2022 mapping is missing + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Education + and Guidance/91b6f75b-9f4a-4d77-95a2-af7ad3222c7c isImplemented: false comments: "" tags: @@ -2936,6 +3035,9 @@ Culture and Organization: - 7.1.1 iso27001-2022: - 6.1 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Education + and Guidance/f7b215dc-73a4-4c61-9e49-b3a3af1c9ac3 isImplemented: false comments: "" tags: @@ -2984,6 +3086,9 @@ Culture and Organization: - ISO 27001:2017 mapping is missing iso27001-2022: - ISO 27001:2022 mapping is missing + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Education + and Guidance/7121b0c7-6ace-4d6b-95d0-94535dbccb57 isImplemented: false comments: "" tags: @@ -3023,6 +3128,9 @@ Culture and Organization: - 5.2 - 5.6 - 5.8 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Education + and Guidance/0b28367b-75a0-4bae-a926-3725c1bf9bb0 isImplemented: false comments: "" tags: @@ -3051,6 +3159,9 @@ Culture and Organization: - 16.1.6 iso27001-2022: - 5.27 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Education + and Guidance/58c46807-fee9-448b-b6dd-8050c464ab52 isImplemented: false comments: "" tags: @@ -3106,6 +3217,9 @@ Culture and Organization: - 7.2.2 iso27001-2022: - 6.3 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Education + and Guidance/535f301a-e8e8-4eda-ad77-a08b035c92de isImplemented: false comments: "" tags: @@ -3139,6 +3253,8 @@ Culture and Organization: - Peer review - four eyes principle is not explicitly required by ISO 27001 - 5.3 - 8.25 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Process/3f63bdbc-c75f-4780-a941-e6ad42e894e1 isImplemented: false comments: "" tags: @@ -3168,6 +3284,8 @@ Culture and Organization: iso27001-2022: - 8.32 - 8.15 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Process/b4193d32-3948-47e2-a326-3748c48019a1 isImplemented: false comments: "" tags: @@ -3198,6 +3316,8 @@ Culture and Organization: - 17.1.1 iso27001-2022: - 5.29 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Process/c72da779-86cc-45b1-a339-190ce5093171 isImplemented: false comments: "" tags: @@ -3266,6 +3386,9 @@ Implementation: iso27001-2022: - Hardening is not explicitly covered by ISO 27001 - too specific - 8.22 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Application + Hardening/cf819225-30cb-4702-8e32-60225eedc33d comments: "" tags: - none @@ -3329,6 +3452,9 @@ Implementation: iso27001-2022: - Hardening is not explicitly covered by ISO 27001 - too specific - 8.22 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Application + Hardening/b597928e-54d6-48a5-a806-8003dcd56aab isImplemented: false comments: "" tags: @@ -3371,6 +3497,9 @@ Implementation: iso27001-2022: - Hardening is not explicitly covered by ISO 27001 - too specific - 8.22 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Application + Hardening/ffe86caf-2fec-4630-b514-2db83983984d isImplemented: false comments: "" dependsOn: @@ -3415,6 +3544,9 @@ Implementation: iso27001-2022: - Hardening is not explicitly covered by ISO 27001 - too specific - 8.22 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Application + Hardening/03643ca2-03c2-472b-8e19-956bf02fe9b7 isImplemented: false comments: "" dependsOn: @@ -3459,6 +3591,9 @@ Implementation: iso27001-2022: - Hardening is not explicitly covered by ISO 27001 - too specific - 8.22 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Application + Hardening/4cae98c2-4163-44ed-bb88-3c67c569533a isImplemented: false comments: "" dependsOn: @@ -3493,6 +3628,9 @@ Implementation: iso27001-2022: - Hardening is not explicitly covered by ISO 27001 - too specific - 8.22 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Application + Hardening/e1f37abb-d848-4a3a-b3df-65e91a89dcb7 tags: - none teamsImplemented: @@ -3529,6 +3667,9 @@ Implementation: iso27001-2022: - Hardening is not explicitly covered by ISO 27001 - too specific - 8.22 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Application + Hardening/3e6253ab-89e5-4dea-aca0-3e770b78d39e isImplemented: false comments: "" dependsOn: @@ -3565,6 +3706,9 @@ Implementation: - Not explicitly covered by ISO 27001 - too specific - 5.37 - 8.32 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Development + and Source Control/363a3eea-baf9-4010-88ca-bb8186a2989d evidence: "" comments: "" tags: @@ -3617,6 +3761,9 @@ Implementation: - 8.25 - 8.27 - 8.28 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Development + and Source Control/948a4d51-ceb5-4ebd-bdc7-d74ea25e171c isImplemented: false comments: "" tags: @@ -3656,6 +3803,9 @@ Implementation: - ISO 27001:2017 mapping is missing iso27001-2022: - ISO 27001:2022 mapping is missing + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Development + and Source Control/517b0957-4981-4ac0-b4c7-0d8d1934c474 isImplemented: false comments: "" tags: @@ -3708,6 +3858,9 @@ Implementation: - Peer review - four eyes principle is not explicitly required by ISO 27001 - 5.3 - 8.25 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Development + and Source Control/e7598ac4-b082-4e56-b7df-e2c6b426a5e2 isImplemented: false comments: "" tags: @@ -3743,6 +3896,9 @@ Implementation: - Not explicitly covered by ISO 27001 - too specific - 5.37 - 8.32 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Development + and Source Control/066084c6-1135-4635-9cc5-9e75c7c5459f isImplemented: false comments: "" tags: @@ -3773,6 +3929,9 @@ Implementation: iso27001-2022: - Virtual environments are not explicitly covered by ISO 27001 - too specific - 8.22 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Infrastructure + Hardening/3a94d55e-fd82-4996-9eb3-20d23ff2a873 isImplemented: false comments: "" tags: @@ -3811,6 +3970,9 @@ Implementation: iso27001-2022: - 8.13 - 8.31 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Infrastructure + Hardening/5c61fd6b-8106-4c68-ac28-a8a42f1c67dc isImplemented: false comments: "" tags: @@ -3880,6 +4042,9 @@ Implementation: - 13.1.3 iso27001-2022: - ISO 27001:2022 mapping is missing + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Infrastructure + Hardening/5992c38c-8597-4035-89db-d15820d81c3a isImplemented: false comments: "" tags: @@ -3918,6 +4083,9 @@ Implementation: iso27001-2022: - Virtual environments are not explicitly covered by ISO 27001 - too specific - 8.22 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Infrastructure + Hardening/6df508ef-86fc-4c22-bd9f-646c3127ce7d isImplemented: false comments: "" tags: @@ -3988,6 +4156,9 @@ Implementation: iso27001-2022: - Hardening is not explicitly covered by ISO 27001 - too specific - 8.22 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Infrastructure + Hardening/dcf9601b-b4f2-4e25-9143-e39af75f7c33 isImplemented: false comments: "" tags: @@ -4021,6 +4192,9 @@ Implementation: iso27001-2022: - Not explicitly covered by ISO 27001 - too specific - 8.14 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Infrastructure + Hardening/48e92bb1-fdba-40e8-b6c2-35de0d431833 isImplemented: false comments: "" tags: @@ -4074,6 +4248,9 @@ Implementation: - Not explicitly covered by ISO 27001 - too specific - 5.37 - 8.32 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Infrastructure + Hardening/8b994601-575e-4ea5-b228-accb18c8e514 isImplemented: false comments: "" tags: @@ -4118,6 +4295,9 @@ Implementation: iso27001-2022: - Virtual environments are not explicitly covered by ISO 27001 - too specific - 8.22 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Infrastructure + Hardening/4ce24abd-8ba6-494c-828d-4d193e28e4a1 isImplemented: false comments: "" tags: @@ -4163,6 +4343,9 @@ Implementation: - System hardening is not explicitly covered by ISO 27001 - too specific iso27001-2022: - ISO 27001:2022 mapping is missing + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Infrastructure + Hardening/e5386abf-9154-4752-a1a8-c3a8900f732d isImplemented: false comments: "" tags: @@ -4214,6 +4397,9 @@ Implementation: - 8.25 d3f: - Multi-factorAuthentication + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Infrastructure + Hardening/598e9f13-1ac8-4a01-b85e-8fab93ee81de isImplemented: false comments: "" tags: @@ -4263,6 +4449,9 @@ Implementation: - 8.25 d3f: - Multi-factorAuthentication + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Infrastructure + Hardening/8098e416-e1ed-4ae4-a561-83efbe76bf57 isImplemented: false comments: "" tags: @@ -4290,6 +4479,9 @@ Implementation: - Not explicitly covered by ISO 27001 iso27001-2022: - ISO 27001:2022 mapping is missing + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Infrastructure + Hardening/118b869b-3850-456e-98d9-1abdb85cbc5a isImplemented: false comments: "" tags: @@ -4326,6 +4518,9 @@ Implementation: iso27001-2022: - 8.31 - 8.14 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Infrastructure + Hardening/e14de741-94b3-447c-8b07-eea947d82e61 isImplemented: false comments: "" tags: @@ -4364,6 +4559,9 @@ Implementation: - 9.4.1 iso27001-2022: - 8.3 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Infrastructure + Hardening/070bb14b-e04a-4f3d-896a-a08eba7a35f9 isImplemented: false comments: "" tags: @@ -4400,6 +4598,9 @@ Implementation: - 9.4.1 iso27001-2022: - 8.3 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Infrastructure + Hardening/82e499d1-f463-4a4b-be90-68812a874af6 isImplemented: false comments: "" tags: @@ -4431,6 +4632,9 @@ Implementation: iso27001-2022: - Not explicitly covered by ISO 27001 - too specific - 5.29 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Infrastructure + Hardening/f8e80f18-2503-4e3e-b3bc-7f67bb28defe isImplemented: false comments: "" tags: @@ -4459,6 +4663,9 @@ Implementation: - 10.1 iso27001-2022: - ISO 27001:2022 mapping is missing + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Infrastructure + Hardening/746025a6-dbfb-4087-a000-e46acab64ee1 isImplemented: false comments: "" tags: @@ -4487,6 +4694,9 @@ Implementation: - 10.1 iso27001-2022: - 8.24 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Infrastructure + Hardening/ad23be9c-5661-4f1f-81a3-5a5dc7061629 isImplemented: false comments: "" tags: @@ -4515,6 +4725,9 @@ Implementation: - 10.1 iso27001-2022: - 8.24 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Infrastructure + Hardening/0ff45fb8-7eef-46ed-9b3a-84c955cd7060 isImplemented: false comments: "" tags: @@ -4544,6 +4757,9 @@ Implementation: - 10.1 iso27001-2022: - 8.24 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Infrastructure + Hardening/ecb0184c-6bc9-45da-bbbb-a983797ffc93 isImplemented: false comments: "" tags: @@ -4588,6 +4804,9 @@ Implementation: - not explicitly covered by ISO 27001 - too specific iso27001-2022: - ISO 27001:2022 mapping is missing + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Infrastructure + Hardening/11b3848e-e931-4146-a35d-35409ada24ee isImplemented: false comments: "" tags: @@ -4621,6 +4840,9 @@ Implementation: - Not explicitly covered by ISO 27001 - too specific - 8.31 - 8.14 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Infrastructure + Hardening/bfdacb52-1e3f-431d-ae72-d844a5e86415 isImplemented: false comments: "" tags: @@ -4657,6 +4879,9 @@ Implementation: - 8.6 - 8.22 - 8.14 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Infrastructure + Hardening/760f1056-b0ee-4f22-a35b-f65446f944ca isImplemented: false comments: "" tags: @@ -4691,6 +4916,9 @@ Implementation: iso27001-2022: - TODO: Incorporate advanced WAF input validation processes into the organization's ISMS. + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Infrastructure + Hardening/f0e01814-3b88-4bd0-a3a9-f91db001d20b-advanced comments: ~ tags: - none @@ -4722,6 +4950,9 @@ Implementation: - TODO: Identify and implement SAMM security practices relevant to WAF configuration. iso27001-2022: - TODO: Integrate WAF deployment with ISO 27001 controls for system hardening. + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Infrastructure + Hardening/f0e01814-3b88-4bd0-a3a9-f91db001d20b comments: ~ tags: - none @@ -4754,6 +4985,9 @@ Implementation: iso27001-2022: - TODO: Ensure WAF processes are integrated into the overall security management in accordance with ISO 27001 standards. + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Infrastructure + Hardening/f0e01814-3b88-4bd0-a3a9-f91db001d20b comments: ~ tags: - none @@ -4789,6 +5023,8 @@ Information Gathering: iso27001-2022: - Not explicitly covered by ISO 27001 - too specific - 8.15 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Logging/fe875e17-ae4a-45f8-a359-244aa4fcbc04 isImplemented: false comments: "" tags: @@ -4832,6 +5068,8 @@ Information Gathering: iso27001-2022: - Not explicitly covered by ISO 27001 - too specific - 8.15 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Logging/4eced38a-7904-4c45-adb0-50b663065540 isImplemented: false comments: "" tags: @@ -4865,6 +5103,8 @@ Information Gathering: iso27001-2022: - Not explicitly covered by ISO 27001 - too specific - 8.15 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Logging/ccf4561d-253f-4762-adcb-bc4622fd6fc5 isImplemented: false comments: "" tags: @@ -4926,6 +5166,8 @@ Information Gathering: - 12.4.1 iso27001-2022: - 8.15 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Logging/ccfdd0a8-991e-4269-ad77-c0a54ca655cb risk: |- * No track of security-relevant events makes it harder to analyze an incident. * Security incident analysis takes significantly less time with proper security events, such that an attack can be stopped before the attacker reaches his goal. @@ -4982,6 +5224,8 @@ Information Gathering: - Not explicitly covered by ISO 27001 - too specific - 8.15 - 5.31 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Logging/613a73dc-4f60-49db-a6ce-4fb7bf8519f9 isImplemented: false comments: "" tags: @@ -5021,6 +5265,8 @@ Information Gathering: iso27001-2022: - Not explicitly covered by ISO 27001 - too specific - 8.15 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Logging/7c735089-6a83-419f-8b27-c1e676cedea1 isImplemented: false comments: "" tags: @@ -5052,6 +5298,8 @@ Information Gathering: - 12.6.1 iso27001-2022: - 8.8 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Monitoring/d03bc410-74a7-4e92-82cb-d01a020cb6bf isImplemented: false comments: "" tags: @@ -5082,6 +5330,8 @@ Information Gathering: - 12.1.3 iso27001-2022: - 8.6 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Monitoring/ed715b38-c34b-40cd-83fd-ce807f306fc1 isImplemented: false comments: "" tags: @@ -5115,6 +5365,8 @@ Information Gathering: - 6.8 - 5.25 - 8.31 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Monitoring/8a442d8e-0eb1-4793-a513-571aef982edd isImplemented: false comments: "" tags: @@ -5152,6 +5404,8 @@ Information Gathering: - 12.6.1 iso27001-2022: - 8.8 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Monitoring/1cd5e4b8-be36-4726-adc7-d8f843f47ac8 isImplemented: false comments: "" tags: @@ -5191,6 +5445,8 @@ Information Gathering: - not explicitly covered by ISO 27001 - too specific iso27001-2022: - ISO 27001:2022 mapping is missing + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Monitoring/d0d681e7-d6de-4829-ac64-a9eb2546aa0d isImplemented: false comments: "" tags: @@ -5221,6 +5477,8 @@ Information Gathering: iso27001-2022: - Not explicitly covered by ISO 27001 - too specific - 8.6 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Monitoring/7f36b9ba-bc05-4fd6-9a2a-73344c249722 isImplemented: false comments: "" tags: @@ -5255,6 +5513,8 @@ Information Gathering: iso27001-2022: - 8.15 - 8.2 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Monitoring/e808028c-351c-42f1-bcd9-fba738d1fc55 isImplemented: false comments: "" tags: @@ -5283,6 +5543,8 @@ Information Gathering: iso27001-2022: - Not explicitly covered by ISO 27001 - too specific - 8.6 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Monitoring/42170a71-d4c8-47af-bd71-bf36875fd05b isImplemented: false comments: "" tags: @@ -5311,6 +5573,8 @@ Information Gathering: - not explicitly covered by ISO 27001 iso27001-2022: - ISO 27001:2022 mapping is missing + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Monitoring/71699daf-b2a4-466b-a0b2-89f7dbb18506 isImplemented: false comments: "" tags: @@ -5343,6 +5607,8 @@ Information Gathering: - 12.1.3 iso27001-2022: - 8.6 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Monitoring/10e23a8c-22ff-4487-a706-87ccc9d0798e isImplemented: false comments: "" tags: @@ -5374,6 +5640,8 @@ Information Gathering: iso27001-2022: - Not explicitly covered by ISO 27001 - too specific - 5.26 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Monitoring/8746647c-638c-473f-8e17-82c068e4c311 isImplemented: false comments: "" tags: @@ -5405,6 +5673,8 @@ Information Gathering: - 12.4.1 iso27001-2022: - 8.15 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Monitoring/e9a6d403-a467-445e-b98a-74f0c29da0b1 isImplemented: false comments: "" tags: @@ -5436,6 +5706,8 @@ Information Gathering: - 12.1.3 iso27001-2022: - 8.6 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Monitoring/f08a3219-6941-43ec-8762-4aff739f4664 isImplemented: false comments: "" tags: @@ -5470,6 +5742,8 @@ Information Gathering: - 12.1.3 iso27001-2022: - 8.6 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Monitoring/3d1f4c3b-f713-46d9-933a-54a014a26c03 isImplemented: false comments: "" tags: @@ -5502,6 +5776,8 @@ Information Gathering: iso27001-2022: - Not explicitly covered by ISO 27001 - too specific - 5.26 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Monitoring/d6f06ae8-401a-4f44-85df-1079247fa030 isImplemented: false comments: "" tags: @@ -5531,6 +5807,8 @@ Information Gathering: - 12.1.3 iso27001-2022: - 8.6 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Monitoring/ded39bcf-4eaa-4c5f-9c94-09acde0a4734 isImplemented: false comments: "" tags: @@ -5563,6 +5841,9 @@ Test and Verification: iso27001-2022: - 8.32 - 8.29 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Application + tests/67667c97-c33e-4306-a4e5-e7b1d8e10c5a isImplemented: false comments: "" tags: @@ -5592,6 +5873,9 @@ Test and Verification: iso27001-2022: - 8.32 - 8.29 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Application + tests/f57d55f2-dc05-4b34-9d1f-f8ce5bfb0715 isImplemented: false comments: "" tags: @@ -5633,6 +5917,9 @@ Test and Verification: iso27001-2022: - 8.32 - 8.29 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Application + tests/eb2c7f9d-d0bd-4253-a2ba-cff2ace4a075 isImplemented: false tags: - none @@ -5664,6 +5951,9 @@ Test and Verification: iso27001-2022: - 8.32 - 8.29 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Application + tests/73aaae0b-5d68-4953-9fa4-fd25bf665f2a isImplemented: false comments: "" tags: @@ -5720,6 +6010,8 @@ Test and Verification: - 5.12 - 5.13 - 5.1 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Consolidation/7a82020c-94d1-471c-bbd3-5f7fe7df4876 isImplemented: false comments: "" tags: @@ -5772,6 +6064,8 @@ Test and Verification: - 16.1.4 iso27001-2022: - 5.25 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Consolidation/785e34ef-40c6-487a-984c-3e7706c9bc1f isImplemented: false comments: "" tags: @@ -5834,6 +6128,8 @@ Test and Verification: iso27001-2022: - 5.25 - 5.1 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Consolidation/c922981b-65ed-40f3-a947-96fee9a0125f isImplemented: false comments: The [DefectDojo-Client](https://github.com/SDA-SE/defectdojo-client/tree/master/statistic-client) generates statistics from OWASP DefectDojo and places the results in a [Github @@ -5883,6 +6179,8 @@ Test and Verification: - 5.25 - 5.26 - 5.27 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Consolidation/ce970c9b-da94-41cf-bd78-8c15357b7e8e isImplemented: false comments: "" tags: @@ -5918,6 +6216,8 @@ Test and Verification: - 5.12 - 5.13 - 5.1 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Consolidation/27337442-e4b1-4e87-8dc9-ce86fbb79a39 isImplemented: false comments: "" tags: @@ -5960,6 +6260,8 @@ Test and Verification: iso27001-2022: - Not explicitly covered by ISO 27001 - too specific - 5.27 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Consolidation/c1acc8af-312e-4503-a817-a26220c993a0 isImplemented: false comments: "" tags: @@ -6018,6 +6320,8 @@ Test and Verification: - 5.12 - 5.13 - 5.1 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Consolidation/55f4c916-3a34-474d-ad96-9a9f7a4f6a83 isImplemented: false comments: "" tags: @@ -6046,6 +6350,8 @@ Test and Verification: iso27001-2022: - 8.8 - 5.25 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Consolidation/b2f77606-3e6c-41e9-b72d-7c0b1d3d581d isImplemented: false comments: "" tags: @@ -6075,6 +6381,8 @@ Test and Verification: iso27001-2022: - 8.8 - 5.25 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Consolidation/44f2c8a9-4aaa-4c72-942d-63f78b89f385 implementation: [] isImplemented: false tags: @@ -6103,6 +6411,8 @@ Test and Verification: iso27001-2022: - 8.8 - 5.25 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Consolidation/9cac3341-fe83-4079-bef2-bfc4279eb594 implementation: [] isImplemented: false tags: @@ -6155,6 +6465,8 @@ Test and Verification: - 5.25 - 5.26 - 5.27 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Consolidation/85ba5623-84be-4219-8892-808837be582d isImplemented: false comments: "" tags: @@ -6195,6 +6507,9 @@ Test and Verification: - part of periodic review, PDCA iso27001-2022: - ISO 27001:2022 mapping is missing + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Dynamic + depth for applications/d0ba0be5-c573-405f-b905-b7a8f87a9cc7 isImplemented: false comments: "" tags: @@ -6226,6 +6541,9 @@ Test and Verification: iso27001-2022: - 8.32 - 8.29 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Dynamic + depth for applications/9711f871-f79d-4573-8d4f-d2c98fd0d18e implementation: - uuid: 6583fd5f-4314-4b39-9265-de72f861c8cb name: Ajax Spider @@ -6285,6 +6603,9 @@ Test and Verification: - not explicitly covered by ISO 27001 - too specific iso27001-2022: - ISO 27001:2022 mapping is missing + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Dynamic + depth for applications/6a9cb303-0f98-48a8-bdcd-56d41c0012b8 isImplemented: false comments: "" tags: @@ -6315,6 +6636,9 @@ Test and Verification: - not explicitly covered by ISO 27001 - too specific iso27001-2022: - ISO 27001:2022 mapping is missing + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Dynamic + depth for applications/5e0ff85b-ec89-4ef0-96b1-5695fa0025dc implementation: - uuid: c9bbecf2-567b-4422-b29a-67b16385f32b name: Schemathesis @@ -6361,6 +6685,9 @@ Test and Verification: iso27001-2022: - 8.32 - 8.29 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Dynamic + depth for applications/845f06ec-148c-4c67-9755-7041911dcca5 isImplemented: false comments: "" tags: @@ -6390,6 +6717,9 @@ Test and Verification: iso27001-2022: - 8.32 - 8.29 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Dynamic + depth for applications/22aab0ef-76ce-4b8c-979c-3699784330db implementation: - signing-of-commits-protection: uuid: 86c6bdba-73c0-4c99-bbda-81b85c9fe2a4 @@ -8544,6 +8874,9 @@ Test and Verification: iso27001-2022: - 8.32 - 8.29 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Dynamic + depth for applications/07796811-37f9-467c-9ff2-48f346e77ff3 isImplemented: false comments: "" tags: @@ -8575,6 +8908,9 @@ Test and Verification: iso27001-2022: - 8.32 - 8.29 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Dynamic + depth for applications/65a2d7d9-5441-46bf-a4e3-f76919857750 implementation: - uuid: 7eb37566-02d5-4fff-8dcf-8fcd1c8197f3 name: Zest @@ -8624,6 +8960,9 @@ Test and Verification: iso27001-2022: - 8.8 - 8.27 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Dynamic + depth for applications/5b5a1eb2-113f-41fb-a3d6-06af4fdc9cea isImplemented: false comments: "" tags: @@ -8657,6 +8996,9 @@ Test and Verification: - 8.6 - 8.32 - 8.29 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Dynamic + depth for infrastructure/ab5725aa-4d53-47b9-96df-c14b3fa93bcd isImplemented: false comments: "" tags: @@ -8701,6 +9043,9 @@ Test and Verification: - 8.22 - 8.32 - 8.29 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Dynamic + depth for infrastructure/a6c4cefb-a0b7-4787-8cc7-a0f96b4b00d8 isImplemented: false comments: "" tags: @@ -8736,6 +9081,9 @@ Test and Verification: iso27001-2022: - 8.19 - 8.8 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Dynamic + depth for infrastructure/dccf1949-b9a8-4ce8-b992-6a4a7f3a623a isImplemented: false dependsOn: - Evaluation of the trust of used components @@ -8779,6 +9127,9 @@ Test and Verification: - 8.22 - 8.32 - 8.29 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Dynamic + depth for infrastructure/6532c1fe-9d23-4228-8722-558ddabca7d4 isImplemented: false comments: "" tags: @@ -8817,6 +9168,9 @@ Test and Verification: - 8.22 - 8.32 - 8.29 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Dynamic + depth for infrastructure/6d2c3ac6-8afc-4af6-a5e9-6188341aca01 isImplemented: false comments: "" tags: @@ -8867,6 +9221,9 @@ Test and Verification: - 8.8 - 8.32 - 8.29 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Dynamic + depth for infrastructure/7bb70764-9392-4462-935d-e55b2e148199 isImplemented: false comments: "" tags: @@ -8900,6 +9257,9 @@ Test and Verification: - 9.4.3 iso27001-2022: - 5.17 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Dynamic + depth for infrastructure/61e10f9c-e126-4ffa-af12-fdbe0d0a831f isImplemented: false comments: "" tags: @@ -8953,6 +9313,9 @@ Test and Verification: - 8.25 - 8.27 - 8.28 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Static + depth for applications/017d9e26-42b5-49a4-b945-9f59b308fb99 isImplemented: false comments: "" tags: @@ -8989,6 +9352,9 @@ Test and Verification: - Not explicitly covered by ISO 27001 - too specific - 8.25 - 8.27 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Static + depth for applications/d17dbff0-1f10-492a-b4c7-17bb59a0a711 isImplemented: false comments: "" tags: @@ -9024,6 +9390,9 @@ Test and Verification: - Not explicitly covered by ISO 27001 - too specific - 8.25 - 8.27 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Static + depth for applications/d17dbff0-1f10-492a-b4c7-17bb59a0a711 isImplemented: false comments: "" tags: @@ -10136,6 +10505,9 @@ Test and Verification: iso27001-2022: - Hardening is not explicitly covered by ISO 27001 - too specific - 8.22 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Static + depth for applications/6e180abc-7c98-4265-b4e9-852cb91b067b isImplemented: false comments: "" tags: @@ -10194,6 +10566,9 @@ Test and Verification: - 12.6.1 iso27001-2022: - 8.8 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Static + depth for applications/07fe8c4f-ae33-4409-b1b2-cf64cfccea86 isImplemented: false comments: "" tags: @@ -10259,6 +10634,9 @@ Test and Verification: - 12.6.1 iso27001-2022: - 8.8 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Static + depth for applications/d918cd44-a972-43e9-a974-eff3f4a5dcfe isImplemented: false comments: "" tags: @@ -10288,6 +10666,9 @@ Test and Verification: - 12.6.1 iso27001-2022: - 8.8 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Static + depth for applications/f4ff841d-3b2a-45d9-853e-5ec7ecbcb054 isImplemented: false comments: "" tags: @@ -10348,6 +10729,9 @@ Test and Verification: - 12.6.1 iso27001-2022: - 8.8 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Static + depth for applications/ee68331f-9b1d-4f61-844b-b2ea04753a84 isImplemented: false comments: "" tags: @@ -10412,6 +10796,9 @@ Test and Verification: - 12.6.1 iso27001-2022: - 8.8 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Static + depth for applications/e237176b-bec5-447d-a926-e37d6dd60e4b isImplemented: false comments: "" tags: @@ -10471,6 +10858,9 @@ Test and Verification: - 12.6.1 iso27001-2022: - 8.8 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Static + depth for applications/6c05c837-8c99-46e2-828b-7c903e27dba4 isImplemented: false comments: "" tags: @@ -10525,6 +10915,9 @@ Test and Verification: - 8.8 - 8.25 - 8.27 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Static + depth for applications/efa52cc8-6c5c-4ba2-a3d2-7164b0402f34 isImplemented: false comments: "" tags: @@ -10560,6 +10953,9 @@ Test and Verification: - 8.8 - 8.25 - 8.27 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Static + depth for applications/297be001-8d94-41ee-ab29-207020d423c0 isImplemented: false comments: "" tags: @@ -10590,6 +10986,9 @@ Test and Verification: - ISO 27001:2017 mapping is missing iso27001-2022: - ISO 27001:2022 mapping is missing + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Static + depth for infrastructure/b217c8bb-5d61-4b41-a675-1083993f83b1 isImplemented: false comments: "" tags: @@ -10636,6 +11035,9 @@ Test and Verification: iso27001-2022: - 8.8 - 8.25 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Static + depth for infrastructure/7de0ae33-6538-45cd-8222-a1475647ba58 isImplemented: false comments: "" tags: @@ -10674,6 +11076,9 @@ Test and Verification: - 8.8 - 8.32 - 8.29 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Static + depth for infrastructure/621fb6a5-5c0a-4408-826a-068868bb031b isImplemented: false comments: "" tags: @@ -10716,6 +11121,9 @@ Test and Verification: iso27001-2022: - 8.8 - 8.27 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Static + depth for infrastructure/ddfe7c3c-b7a4-4cba-9041-b044d4a34e5b isImplemented: false comments: "" tags: @@ -10767,6 +11175,9 @@ Test and Verification: - 12.6.1 iso27001-2022: - 8.8 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Static + depth for infrastructure/26e1c6d5-5632-4ec7-80d2-e564b98732ad isImplemented: false comments: "" tags: @@ -10809,6 +11220,9 @@ Test and Verification: - 12.2.1 iso27001-2022: - 8.7 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Static + depth for infrastructure/837f8f90-adc2-4e6b-9ebb-60c2ee29494d isImplemented: false comments: "" tags: @@ -10839,6 +11253,9 @@ Test and Verification: - 8.8 - 8.7 - 8.27 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Static + depth for infrastructure/cb6321aa-0fbf-4996-9e08-05ab26ef4c1e isImplemented: false comments: "" tags: @@ -10878,6 +11295,9 @@ Test and Verification: - vcs usage is not explicitly covered by ISO 27001 - too specific - 5.17 - 8.24 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Static + depth for infrastructure/c6e3c812-56e2-41b0-ae01-b7afc41a004c isImplemented: false comments: "" tags: @@ -10928,6 +11348,9 @@ Test and Verification: iso27001-2022: - 8.8 - 8.25 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Static + depth for infrastructure/13367d8f-e37f-4197-a610-9ffca4fde261 isImplemented: false comments: "" tags: @@ -10972,6 +11395,9 @@ Test and Verification: - ISO 27001:2017 mapping is missing iso27001-2022: - ISO 27001:2022 mapping is missing + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Static + depth for infrastructure/58825d22-1ce6-4748-af81-0ec9956e4129 isImplemented: false comments: "" tags: @@ -11010,6 +11436,9 @@ Test and Verification: - 8.8 - 8.32 - 8.29 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Static + depth for infrastructure/46d6a2a8-f9dc-4c15-9fc8-1723cfecbddc isImplemented: false comments: "" tags: @@ -11067,6 +11496,9 @@ Test and Verification: - 8.32 - 8.29 - 8.25 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Static + depth for infrastructure/8fc3de67-7b8d-420b-8d24-f35928cfed6e isImplemented: false comments: "" tags: @@ -11104,6 +11536,8 @@ Test and Verification: - 8.32 - 8.27 - 8.8 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Test-Intensity/79ef8103-e1ed-4055-8df8-fd2b2015bebe isImplemented: false comments: "" tags: @@ -11138,6 +11572,8 @@ Test and Verification: - 8.8 - 8.25 - 8.27 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Test-Intensity/1bd78cdd-ef11-4bb5-9b58-5af2e25fe1c5 isImplemented: false comments: "" tags: @@ -11169,6 +11605,8 @@ Test and Verification: - 8.8 - 8.25 - 8.27 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Test-Intensity/ab0a4b51-3b18-43f1-a6fc-a98e4b28453d isImplemented: false comments: "" tags: @@ -11201,6 +11639,8 @@ Test and Verification: - 8.8 - 8.25 - 8.27 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Test-Intensity/2ebfc421-8c76-415c-a3b0-fa518915bd10 isImplemented: false comments: "" tags: @@ -11232,6 +11672,8 @@ Test and Verification: iso27001-2022: - 8.32 - 8.29 + openCRE: + - https://www.opencre.org/rest/v1/standard/DevSecOps+Maturity+Model+(DSOMM)/Test-Intensity/598897a2-358e-441f-984c-e12ec4f6110a isImplemented: false comments: "" tags: